NOTE: In the time since this post was authored, Atlas has grown and evolved into “The Creator Empowerment Platform for Splunk.” Now, organizations large and small depend on Atlas every day to help them create new paths to incredible results. The offering has changed slightly from what you’ll read about below, but we love looking back on this little piece of Atlas and Kinney Group history as the day our journey with Atlas officially began. Enjoy!
Splunk is an amazing Data Analytics platform, able to receive data from all over your ecosystem, perform crazy effective correlation searches and populate tidy dashboards. But a platform this big and mature obviously has some hurdles for owners to overcome before receiving the full benefits of such a large investment. Atlas can help you clear these Splunk sore spots and get you and your team on the fast track to achieving outcomes and mastering your Splunk Environment and Utilization.
When we say Splunk is a massive platform, we mean it! From Splunk Core, which consists of Search Heads, Indexers, and Forwarders, to Splunk Enterprise Security, Splunk SOAR, Splunk ITSI, the Splunk portfolio is as complex as the unique and technical requirements demand. And peeling behind the curtain, powering these applications and outcomes are Splunk searches, scheduled alerts, dashboards, data models, lookup tables, KV stores, and the list goes on and on. All these ingredients mixed together in what could be an overwhelming dish for many new and old Splunk owners.
Zeroing in on New Splunk Owners, these fresh faced Splunkers are eager to get results out of their new platform but may be overwhelmed by all the bits and bots of the platform. What should new Splunk Users and Admins do first? Learn Search Processing Language? Get Data into Splunk through a one-time drop or a consistent data feed? Build a simple dashboard? What should Users and Admins learn first? How to control for concurrency in alerting, or how to write better SPL searches to ensure the environment doesn’t tank? These questions can hamper Splunk adoption, and lead to an unorganized, and unoptimized, Splunk environment.
Mature Splunk Owners are not without issues as well. With Admins swapping in and out of management teams, is the Splunk environment under a consistent and knowledgeable enough watch to improve? How are new users and data onboarded to ensure stability? How do Admin teams stay proactive with Concurrency, and deprecated data streams? These issues can slow down a once effective Splunk Team, and more importantly slow or stall a Splunk System.
As we promised earlier, Atlas can help with these issues and light the fire of Splunk Adoption and Expansion for your team. But what is Atlas, and how does it look in practice? An Atlas subscription consists of 3 products:
- Atlas Assessment, which provides clear, actionable steps you can take to improve your environment
- Atlas Application Suite, a collection of Atlas Elements that help Admins and Users master Splunk
- Expertise on Demand (EoD), a fantastic service dedicated to live help with achieving Splunk outcomes such as data onboarding or education
The Atlas Application Suite resides on your Search Head layer and is easily applied like a collection of Splunk Apps. These Elements work together to achieve great outcomes for your Splunk environment and Users. These elements align themselves with common themes that plague Splunk deployments everywhere:
- Data Sprawl: Keeping track of ingests and ensuring license utilization is spent wisely
- Search Quality: Poor scheduled searches and concurrency can severely impact performance or results
- Data Awareness: Ensuring data streams stay healthy and automating reporting for disruptions
- Usability Gap: Lowering the bar to entry for utilizing and managing Splunk
- Cloud Migration: Making the bridge to Splunk Cloud quick and easy
Aligned to these themes, Atlas can make short work of the hurdles we mentioned earlier, especially since the Atlas Application Suite resides on Splunk itself!
For new Splunk Owners, Expertise on Demand and the Search Library can guide Users and Admins down the best route for learning Splunk SPL and building dashboards. Scheduling Inspector empowers Splunk Admins to ensure Scheduled Searches are working as expected and Data Management enables Admins to have visibility into how ingest License is being spent.
Mature Splunk Environments can appreciate Atlas’s ability to tune up their environment and give Admin tools they need to not just manage Data Sprawl but put their Forwarders under a watchful eye and highlight unreliable data streams. Scheduling Assistant will help Admins speed up the environment and reduce errors as they reduce system concurrency, and Expertise on Demand is of course still there to assist with any issues outside the Splunk Team’s scope.
Splunk is a large platform that deserves a well-equipped team of Splunk Admins and a well-supported squad of Splunk Users. With Atlas, Splunk Environments both big and small, new and old, can get more out of Splunk, making it faster, more effective, and able to tackle new goals. With Atlas, you can begin your Splunk Journey with the right foot forward.
